Has anyone out there successfully set up Puppet to use FreeIPA as an LDAP
provider for user resources ?
I found
https://www.freeipa.org/page/HowTo/LDAP
which says:
This use also has no special rights and is unable to write any data in the IPA
LDAP server, only read.
but this page
https://puppet.com/docs/puppet/6.7/types/user.html#user-provider-ldap
says:
User management via LDAP: This provider requires that you have valid values
for all of the LDAP-related settings in puppet.conf, including ldapbase. You
will almost definitely need settings for ldapuser and ldappassword in order for
your clients to write to LDAP.
Thus my dilemma. Can I make the IPA "service account" read-write or can Puppet
live with read-only ?
------------------------------------------------
“Sometimes I think the surest sign that intelligent life exists elsewhere in the
universe is that none of it has tried to contact us.” (Bill Waterson: Calvin &
Hobbes)
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org